Last Updated: 2007-12-06 04:59:33 UTC
by Daniel Wesemann (Version: 1)
Cisco have just released an advisory covering a buffer overflow vulnerability in the Cisco Security Agent (CSA) for Windows, with remote code execution as the possible outcome. CSA is a "personal firewall" style product, and usually deployed as a defense against exactly the sort of threat that the component itself is now vulnerable to. Back in 2004, such a vulnerability would probably have led to a flurry of noisy network worms - today, drive-by installs of spyware are more likely, but at least as damaging. The bottom line is still the same: If you are using the vulnerable component, patch as soon as possible.